• DocumentCode
    3390894
  • Title

    A self-organizing map and its modeling for discovering malignant network traffic

  • Author

    Langin, Chet ; Zhou, Hongbo ; Rahimi, Shahram ; Gupta, Bidyut ; Zargham, Mehdi ; Sayeh, Mohammad R.

  • Author_Institution
    Dept. of Comput. Sci., Southern Illinois Univ., Carbondale, IL
  • fYear
    2009
  • fDate
    March 30 2009-April 2 2009
  • Firstpage
    122
  • Lastpage
    129
  • Abstract
    Model-based intrusion detection and knowledge discovery are combined to cluster and classify P2P botnet traffic and other malignant network activity by using a self-organizing map (SOM) self-trained on denied Internet firewall log entries. The SOM analyzed new firewall log entries in a case study to classify similar network activity, and discovered previously unknown local P2P bot traffic and other security issues.
  • Keywords
    Internet; data mining; peer-to-peer computing; security of data; telecommunication traffic; P2P botnet traffic; denied Internet firewall log entries; knowledge discovery; malignant network traffic; model-based intrusion detection; self-organizing map; Cancer; Cryptography; Internet; Intrusion detection; Military computing; Peer to peer computing; Protocols; Relays; Telecommunication traffic; Traffic control;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Computational Intelligence in Cyber Security, 2009. CICS '09. IEEE Symposium on
  • Conference_Location
    Nashville, TN
  • Print_ISBN
    978-1-4244-2769-7
  • Type

    conf

  • DOI
    10.1109/CICYBS.2009.4925099
  • Filename
    4925099